package com.xwltz.web.config;

import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.config.http.SessionCreationPolicy;

/**
 * @description SecurityConfig
 * @information on version 1.0 be created by @xwltz at 2021/12/28 17:17
 */

@Configuration
@EnableWebSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter {

	@Override
	protected void configure(HttpSecurity http) throws Exception {
		http.csrf().disable();
		http.authorizeRequests().anyRequest().permitAll().and().logout().logoutUrl("/exit").permitAll();
		http.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.NEVER);
	}
}
